Hi Qi,
FWIW, as he said in his response
(https://lists.busybox.net/pipermail/busybox/2025-April/091436.html),
Denys already committed something similar
(https://git.busybox.net/busybox/commit/?id=9a8796436b9b0641e13480811902ea2ac57881d3).
Cheers,
Xabier Oneca_,,_
_
*Date: *Monday 31 March 2025 at 10:28
*To: *"busybox@busybox.net"
*Subject: *Re: [EXTERNAL] [RESEND(4) PATCH] archival: disallow path
traversals (CVE-2023-39810)
Will this patch be accepted? Or is it not suitable for busybox for
some reason? Regards, Qi On 10/11/24 15:54, Ian No
On Wed, Oct 2, 2024 at 10:12 AM Peter Kaestle wrote:
>
> Create new configure option for archival/libarchive based extractions to
> disallow path traversals.
> As this is a paranoid option and might introduce backward
> incompatibility, default it to no.
>
> Fixes: CVE-2023-39810
>
> Signed-off-by
busybox.net" , Denys Vlasenko
*Cc: *"martin.schob...@pentagrid.ch" ,
Peter Kaestle , Samuel Sapalski
*Subject: *[EXTERNAL] [RESEND(4) PATCH] archival: disallow path
traversals (CVE-2023-39810)
Create new configure option for archival/libarchive based extractions
to disallow pat
rtin.schob...@pentagrid.ch>, Peter
Kaestle <mailto:peter.kaes...@nokia.com>, Samuel
Sapalski <mailto:samuel.sapal...@nokia.com>
Subject: [EXTERNAL] [RESEND(4) PATCH] archival: disallow path traversals
(CVE-2023-39810)
Create new configure option for archival/libarchive based
senko
Cc: "martin.schob...@pentagrid.ch" , Peter
Kaestle , Samuel Sapalski
Subject: [EXTERNAL] [RESEND(4) PATCH] archival: disallow path traversals
(CVE-2023-39810)
Create new configure option for archival/libarchive based extractions to
disallow path traversals. As this is a paranoid option
Create new configure option for archival/libarchive based extractions to
disallow path traversals.
As this is a paranoid option and might introduce backward
incompatibility, default it to no.
Fixes: CVE-2023-39810
Signed-off-by: Peter Kaestle
Reviewed-by: Samuel Sapalski
---
archival/Config.sr